public function install_new_favicon() { header("Content-type: application/json"); try { // URL is explicitely decoded to compensate the extra encoding performed while generating the settings page $url = 'https://realfavicongenerator.net' . $_REQUEST['json_result_url']; $result = $this->download_result_json($url); $response = new Favicon_By_RealFaviconGenerator_Api_Response($result); if (!wp_verify_nonce($response->getCustomParameter(), Favicon_By_RealFaviconGenerator_Admin::NONCE_ACTION_NAME)) { // Attack in progress? ?> { "status": "error", "message": "<?php _e('Nonce was not recognized. This case is supposed to happen only in case of XSS attack. If you feel like something is wrong, please <a href=\\"mailto:contact@realfavicongenerator.net\\">contact us</a>.', FBRFG_PLUGIN_SLUG); ?> " } <?php } else { $zip_path = Favicon_By_RealFaviconGenerator_Common::get_tmp_dir(); if (!file_exists($zip_path)) { if (mkdir($zip_path, 0755, true) !== true) { throw new InvalidArgumentException(sprintf(__('Cannot create directory %s to store the favicon package', FBRFG_PLUGIN_SLUG), $zip_path)); } } $response->downloadAndUnpack($zip_path); $this->store_pictures($response); $this->store_preview($response->getPreviewPath()); Favicon_By_RealFaviconGenerator_Common::remove_directory($zip_path); update_option(Favicon_By_RealFaviconGenerator_Common::OPTION_HTML_CODE, $response->getHtmlCode()); $this->set_favicon_configured(true, $response->isFilesInRoot(), $response->getVersion(), $response->getNonInteractiveAPIRequest()); ?> { "status": "success", "preview_url": <?php echo json_encode($this->get_preview_url()); ?> , "favicon_in_root": <?php echo json_encode($this->is_favicon_in_root()); ?> } <?php } } catch (Exception $e) { ?> { "status": "error", "message": <?php echo json_encode($e->getMessage()); ?> } <?php } die; }